2286 matches found

Prion
added 2020/06/11 3:15 p.m., 14 views

Input validation

In freeIsolatedUidLocked of ProcessList.java, there is a possible UID reuse due to improper cleanup. This could lead to local escalation of privilege between constrained processes with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...

CVSS: 4.6, AI score: 7.7, EPSS: 0.00246
Exploits: 0, References: 1, Affected Software: 1
Palo Alto Networks
added 2020/06/10 4:0 p.m., 45 views

PAN-OS: Buffer overflow in authd authentication response

A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. Work around: This issue affects the management interface of PAN-OS and you can mitiga...

CVSS: 7.2, AI score: 2.5, EPSS: 0.02132
Exploits: 0, References: 1
RedHat Linux
added 2020/06/10 11:12 a.m., 2 views

hw: Vector Register Data Sampling

A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read...

CVSS: 5.5, AI score: 6.5, EPSS: 0.00521
Exploits: 0, References: 8
RedHat Linux
added 2020/06/09 7:30 p.m., 8 views

hw: Vector Register Data Sampling

A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read...

CVSS: 5.5, AI score: 6.5, EPSS: 0.00521
Exploits: 0, References: 8
RedHat Linux
added 2020/06/09 6:15 p.m., 3 views

hw: Vector Register Data Sampling

A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read...

CVSS: 5.5, AI score: 6.5, EPSS: 0.00521
Exploits: 0, References: 8
Prion
added 2020/06/09 5:15 p.m., 17 views

Code injection

An entitlement parsing issue was addressed with improved parsing. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application could interact with system processes to access private information and perform privileged actions...

CVSS: 5.8, AI score: 6.3, EPSS: 0.00916
Exploits: 0, References: 4, Affected Software: 5
Cvelist
added 2020/06/09 4:16 p.m., 23 views

CVE-2020-9842

An entitlement parsing issue was addressed with improved parsing. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application could interact with system processes to access private information and perform privileged actions...

AI score: 6.3, EPSS: 0.00916
Exploits: 0, References: 4
OpenVAS
added 2020/06/09 12:0 a.m., 9 views

Linux: Get running services

A service is a process or group of processes commonly known as daemons running continuously in the background, waiting for requests to come in especially from clients. Note: This script only stores information for other Policy Controls. SPDX-FileCopyrightText: 2020 Greenbone AG Some text...

AI score: 6.8
Exploits: 0, References: 1
The Coalfire Blog
added 2020/05/28 11:5 p.m., 15 views

A new way to manage supply chain risk – Introducing the AICPA SOC for Supply Chain report

With the continuation of its System and Organization Controls (SOC) suite of services (SOC 2®, SOC for Cybersecurity, etc.), the American Institute of Certified Public Accountants (AICPA) has released a new report format that focuses on manufacturing and distribution supply chains. The AICPA's SOC for...

AI score: 1.2
Exploits: 0
ThreatPost
added 2020/05/27 8:14 p.m., 54 views

DoubleGun Group Builds Massive Botnet Using Cloud Services

An operation from the China-based cybercrime gang known as DoubleGun Group has been disrupted, which had amassed hundreds of thousands of bots that were controlled via public cloud services, including Alibaba and Baidu Tieba. NetLab 360 researchers, in a recent posting, said that it noticed DNS...

AI score: 6.9
Exploits: 0, References: 6
OSV
added 2020/05/26 6:15 p.m., 2 views

CVE-2020-12388

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. Note: this issue only affects Firefox on Windows operating systems. This vulnerability affects Firefox ESR 68.8 and Firefox 76...

CVSS: 10, AI score: 7.3
Exploits: 0, References: 4
NVD
added 2020/05/26 6:15 p.m., 17 views

CVE-2020-12389

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. Note: this issue only affects Firefox on Windows operating systems. This vulnerability affects Firefox ESR 68.8 and Firefox 76...

CVSS: 10, AI score: 9, EPSS: 0.01728
Exploits: 0, References: 3
UbuntuCve
added 2020/05/26 6:15 p.m., 41 views

CVE-2020-12388

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. Note: this issue only affects Firefox on Windows operating systems. This vulnerability affects Firefox ESR 68.8 and Firefox 76...

CVSS: 10, AI score: 7.1, EPSS: 0.02714
Exploits: 0, References: 3
Prion
added 2020/05/26 6:15 p.m., 25 views

Design/Logic Flaw

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. Note: this issue only affects Firefox on Windows operating systems. This vulnerability affects Firefox ESR 68.8 and Firefox 76...

CVSS: 7.5, AI score: 8.9, EPSS: 0.01728
Exploits: 0, References: 3, Affected Software: 2
OSV
added 2020/05/26 6:15 p.m., 2 views

UBUNTU-CVE-2020-12389

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. Note: this issue only affects Firefox on Windows operating systems. This vulnerability affects Firefox ESR 68.8 and Firefox 76...

CVSS: 10, AI score: 7.3, EPSS: 0.01728
Exploits: 0, References: 4
AlpineLinux
added 2020/05/26 5:4 p.m., 44 views

CVE-2020-12388

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. Note: this issue only affects Firefox on Windows operating systems. This vulnerability affects Firefox ESR 68.8 and Firefox 76...

CVSS: 10, AI score: 9.1, EPSS: 0.02714
Exploits: 0
ICS
added 2020/05/21 12:0 p.m., 151 views

Detecting Citrix CVE-2019-19781

Summary: Unknown cyber network exploitation (CNE) actors have successfully compromised numerous organizations that employed vulnerable Citrix devices through a critical vulnerability known as CVE-2019-19781. Though mitigations were released on the same day Citrix announced CVE-2019-19781,...

CVSS: 9.8, AI score: 10, EPSS: 0.99999
Exploits: 48, References: 46
Apple
added 2020/05/20 12:0 a.m., 42 views

About the security content of tvOS 13.4.5

About the security content of tvOS 13.4.5 This document describes the security content of tvOS 13.4.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

CVSS: 9.8, AI score: 9.8, EPSS: 0.77246
Exploits: 10, References: 1, Affected Software: 1
Kitploit
added 2020/05/09 10:0 p.m., 177 views

GDBFrontend - An Easy, Flexible And Extensionable GUI Debugger

GDBFrontend is an easy, flexible and extensionable gui debugger. Installing Deb Package Debian / Ubuntu / KDE Neon You can install GDBFrontend via deb package for Debian-based distributions. You can install it from following commands: echo "deb trusted=yes https://oguzhaneroglu.com/deb/ ./" | sud...

AI score: 7.4
Exploits: 0, References: 2
RedhatCVE
added 2020/05/06 1:39 a.m., 33 views

CVE-2020-12389

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. Note: this issue only affects Firefox on Windows operating systems. This vulnerability affects Firefox ESR 68.8 and Firefox 76...

CVSS: 7.5, AI score: 3, EPSS: 0.01728
Exploits: 0, References: 4